Merge pull request #126 from snyk/docs/document-how-to-set-up-each-su…

…pported-ecosystem docs: document how to set up local dev tools with Artifactory
snyk · Nov 27, 2024 · ecdcef8 · ecdcef8
2 parents fd14b8f + c78bbef
commit ecdcef8
Showing 1 changed file with 76 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -62,3 +62,79 @@ unzip -p distribution/target/artifactory-snyk-security-plugin-LOCAL-SNAPSHOT.zip
 ## Inspecting plugin logs
 In order to see the logs, set the log level for Snyk by inserting this line: `<logger name="io.snyk" level="debug"/>`
 into this file: `distribution/docker/etc/artifactory/logback.xml`.
+
+## Testing supported ecosystems
+Here are some tips for pointing local dev tools to Artifactory in order to try out the plugin.
+
+### NPM
+1. In the Artifactory UI, create a remote NPM repository using Repository Key `npm`.
+2. Authenticate your NPM client: `npm login --registry=http://localhost:8081/artifactory/api/npm/npm/ --auth-type=web`.
+3. Install a package `npm add [email protected] --registry=http://localhost:8081/artifactory/api/npm/npm/ --cache /tmp/npm-cache && rm -rf /tmp/npm-cache`
+
+### Maven
+This actually uses a Gradle project to test:
+1. In the Artifactory UI, create a remote Maven repository using Repository Key `maven`.
+2. Drop repository coords in `settings.gradle.kts` of your Gradle project (see the snippet below).
+```kotlin
+pluginManagement {
+	repositories {
+		maven {
+			url = uri("http://localhost:8082/artifactory/maven/")
+			isAllowInsecureProtocol = true
+			credentials {
+				username = "admin"
+				password = "password"
+			}
+		}
+		gradlePluginPortal()
+	}
+}
+```
+3. Make sure the `repositories` block only includes your Artifactory in `build.gradle.kts` (see the second snippet below).
+```kotlin
+repositories {
+	maven {
+		url = uri("http://localhost:8082/artifactory/maven/")
+		isAllowInsecureProtocol = true
+		credentials {
+			username = "admin"
+			password = "password"
+		}
+	}
+}
+```
+4. Install your project's dependencies.
+
+
+### PyPi
+1. In the Artifactory UI, create a remote Pypi repository using Repository Key `pypi`.
+2. `pip3 install --index-url http://localhost:8082/artifactory/api/pypi/pypi/simple libdev`
+
+### Ruby Gems
+1. In the Artifactory UI, create a remote Gems repository using Repository Key `rubygems`.
+2. Still in the Artifactory UI, navigate to the artifacts view and hit the `Set me up` option.
+3. Choose the `rubygems` repository and generate an access token.
+4. `gem source -a http://admin:ACCESS_TOKEN_FROM_PREVIOUS_STEP@localhost:8081/artifactory/api/gems/rubygems/`
+5. `gem install openssl`
+
+### Cocoapods
+1. In the Artifactory UI, create a remote CocoaPods repository using Repository Key `cocoapods`.
+2. Create a `Podfile`:
+```
+source "http://localhost:8081/artifactory/api/pods/cocoapods"
+project 'project/test/test.xcodeproj'
+platform :ios, '10.0'
+target 'test' do
+  use_frameworks!
+  pod 'Alamofire', '~> 5.10'
+  pod 'Bolts', '~> 1.9'
+end
+```
+3. `pod install`
+
+### Nuget
+1. In the Artifactory UI, create a remote Nuget repository using Repository Key `nuget`.
+2. `nuget sources Add -Name Artifactory -Source http://localhost:8081/artifactory/api/nuget/nuget`
+3. Disable the default source: `nuget sources disable -Name nuget.org`.
+4. Verify only Artifactory is enabled: `nuget sources List`.
+5. `nuget install Newtonsoft.Json -Version 13.0.1`